Password Update

This guide will help you enable secure password updates for users with Email-Password signups in the Next.js Supabase SaaS template.

Overview

In many applications, users expect to be able to sign in using a password. To maintain account security, it's essential that users have the option to update their passwords periodically, especially when there are security concerns or after certain time intervals.

The Next.js Supabase SaaS template provides a built-in feature that allows users to update their passwords. This feature is available only if the user signed up using the Email-Password method.

Enabling Password Update

To make the password update option available on the user interface (UI), ensure that the enablePasswordUpdate flag is set to true in the client.config.ts file under the auth section:

auth: {
    enablePasswordUpdate: true
}

Password Update Process

Once the password update feature is enabled, users will see the option to update their password in the account settings. The process involves two main steps:

  1. Input New Password: The user is presented with two input fields where they can enter and confirm a new password. The system checks if the newly entered password meets the strength criteria (e.g., length, complexity). If the password is deemed too weak, the UI will suggest improvements.

  2. Password Update Confirmation: Once the new password passes the strength validation, the system will use the supabase.auth.updateUser method to update the user's password. This change is applied immediately, ensuring the user's account is secured with the updated password.
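The two steps above, as an added example that is not the template's own code. The strength thresholds, `checkNewPassword`, `changePassword` and the `PasswordUpdater` interface are assumptions made for illustration; only `supabase.auth.updateUser` comes from this page.

```typescript
// Added example: names and thresholds are assumptions, not the template's code.
const MIN_LENGTH = 12; // assumed minimum length

// Structural subset of `supabase.auth`, so the flow can be exercised offline.
interface PasswordUpdater {
  updateUser(attrs: { password: string }): Promise<{ error: { message: string } | null }>;
}

// Step 1: return suggestions for the UI; an empty array means the password passes.
function checkNewPassword(password: string, confirmation: string): string[] {
  const suggestions: string[] = [];
  if (password !== confirmation) suggestions.push("Passwords do not match");
  if (password.length < MIN_LENGTH) {
    suggestions.push(`Use at least ${MIN_LENGTH} characters`);
  }
  // Count how many character classes appear (assumed rule: at least 3 of 4).
  const classes = [/[a-z]/, /[A-Z]/, /[0-9]/, /[^A-Za-z0-9]/]
    .filter((re) => re.test(password)).length;
  if (classes < 3) suggestions.push("Mix upper case, lower case, digits and symbols");
  return suggestions;
}

// Step 2: call updateUser only after validation passes, and report any error.
async function changePassword(
  auth: PasswordUpdater,
  password: string,
  confirmation: string,
): Promise<{ ok: boolean; messages: string[] }> {
  const suggestions = checkNewPassword(password, confirmation);
  if (suggestions.length > 0) return { ok: false, messages: suggestions };
  const { error } = await auth.updateUser({ password });
  if (error) return { ok: false, messages: [error.message] };
  return { ok: true, messages: [] };
}
```

In the application, pass `supabase.auth` as the first argument to `changePassword`.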

Important Notes:

  • This functionality is applicable only for users who signed up using the Email-Password method.
  • It's recommended that users regularly update their passwords to maintain account security.
